D.) Remarks 

r 

Objections under 37 C.F.R. SI .83(a): 

The objection to the drawings is made based on the assertion that the drawings fail 
to show the claimed first and second network interface processor and an array of media 
access processor including an assigned media access processor. The objection is 
presumptively made in reference to Claim 1 . If this is not the case, clarification is respectfully 
requested. 

Figure 3 shows a "first network interface processor" (Initiator Interface Processor 66) 
and a "second network interface processor" (Target Interface Processor 70). Figure 3 also 
shows an "array of media access processors" (Crypto Processors 72 n _ N ). 

Relative to Figure 1, the element 14 is plainly identified as a network media access 
controller! 4 at 1153 of the present specification. Element 60 is identified at H67 as a 
preferred implementation of the controller 14. At 1168, the crypto processor array is 
described as "a scalable array of crypto processors 72^, which, in aggregate, perform the 
core control and compute intensive functions of the network media access controller 60." 

The well-established standard for determining whether a claimed element is shown 
in the drawings is whether a person of ordinary skill in the art would reasonably recognize 
the claimed element in the drawings based on a fully reading of the specification and claims 
together. Here, a person of ordinary skill in the art would immediately and clearly 
understand that the "array of media access processors" corresponds to the "scalable array 
of crypto processors 72^" shown in Figure 3. 

Conversely, there is no reason evident from the specification and claims, and none 
presented in the present Action, as to why a person of ordinary skill would not so recognize 
the "scalable array of crypto processors 72 1N " as representing the claimed "array of media 
access processors". 

Finally, the claim phrase "including an assigned media access processor" is simply 
a very standard claiming technique used to assign a descriptive label for use for subsequent 
antecedent basis references. The present wording merely names "said assigned media 
access processor" as the one of the"array of media access processors" that, as claimed, is 
specifically: 

... operative to terminate a first network media access 
connection relative to said first network and provides a second 
network media access connection relative to said second 
network .... 
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The function of the descriptive label is fully supported by the specification at HI 02: 

For new TCP connections, a crypto processor 72^ is assigned, 
selected based on a load-balancing algorithm, to handle the 
TCP connection until closed. Preferably, load-balancing is 
performed by a least-connections-assigned algorithm. 

Consequently, the "assigned media access processor" is shown in Figure 3 as being a one 
of the "scalable array of crypto processors 72^". 

Again, from any reasonable reading of the specification and claims, a person of 
ordinary skill in the art would more than readily recognize and understand that the "scalable 
array of crypto processors 72 }mN " shown in Figure 3 includes the "assigned media access 
processor". No substantive argument or reasoned consideration to the contrary is presented 
in the Action. 

Reconsideration and withdrawal of the objection directed to the drawings is therefore 
respectfully requested. 

Rejections under 35 U.S.C. §1 12: 

Claims 23 - 24 and 29 - 30 stand rejected under 35 U.S.C. §112, HI, on the 
assertion that the specification fails to describe hoy/ data "is encrypted/compressed based 
on the storage target resource." In support, a portion of H97 is cited, . suggesting that only 
the SCSI read/write command is used to determine whether "the media-level data 160 is 
selectively processed by encryption, compression, or both." 

The assertion that the present specification only considers the SCSI read/write 
command is not supported when the specification is fully considered. At 1193 - H96, the 
present specification details the examination of the iSCSI packet is to identify the iSCSI target 
resource and how that target resource is associated with encryption and compression policy 
information. The last sentence in H94, at a minimum, establishes the relation between the 
target resource and the operations to be applied to the packet. 

Therefore, from a full and reasonable reading of the present specification, a person 
of ordinary skill would readily understand that a lookup based on the target resource will 
determine if and how the corresponding media level data will be encrypted and/or 
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compressed. At 111 05, the specification describes the combined use of the SCSI command 
and the target resource are used together to determine the applied operation: 

An encryption key, the volume compression status, and related parameters are 
retrieved 204 from the access policy 24, depending on whether media-level 
data is present in the iSCSI data packet as determined from function specified 
by the embedded SCSI command. 

Consequently, the claimed use of the target resource is fully supported by the 
disclosure provided in the present specification. 

Claims 2,5-9, 16, and 1 9 stand rejected under 35 U.S.C. §1 1 2, HI , as indefinite. 
Claim 2: 

The descriptive phrase ''the dynamic state" has been simplified to "a state." 
Claim 5: 

All occurrences of "shared-data store" appear to Applicants' Attorney to be properly 
qualified: in line 2, with "a"; bridging lines 3/4 and on line 5 with "said". Clarification of 
the rejection of this claim is respectfully requested. 

Claim 6: 

The phrase "provides for the encryption" has been amended to the equivalent, though 
slightly more formal form "is operative to encrypt" to ensure the identification of 
"encrypt/encryption" as being the defined function of "said assigned media access 
processor". 

Claim 7: 

The phrase "provides for the proxy transfer of has been amended to the equivalent 
phrase "is operative to proxy transfer" to more clearly identify that the "proxy" transfer is a 
function of "said assigned media access processor". 

Claim 8: 

The term "predetermined" has been removed. Additionally, a clarifying amendment 
paralleling those made to Claim 7, merely for purposes of consistency, has also been made. 

Claim 9: 

The phrase "the coordination" does not appear in Claim 9, but rather in Claim 10. 
There, the use of the article "the" does not create any ambiguity as it is merely used in 
describing the function of how "said assigned media processor" is responsive to the state 
data. Removal, however, does not change the scope or meaning of Claim 10. 
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In paragraphs 9 through 18, the Examiner makes a general assertion that the 
language of the claims is "inconsistent with the specification and does not allow the examiner 
to clearly understand applicants' invention/ 7 

To quite the contrary, the present specification includes a fundamentally clear and 
extensive description of the present invention well tailored to teach those of ordinary skill in 
the art how to make and use the present invention. Although a compendium of terms used 
could be helpful to an examiner, given the very short period of time allowed for review of the 
specification by the office, nonesuch is required by law. To the contrary, the courts have 
held: 

A rigid formalism, such as "I define to mean ," is not required for the 

specification to establish a lexicography for the claims. Astrazeneca AB v. 
Mutual Pharmaceutical Co., Inc. , Docket No. 04-1 100, Decided September 
30, 2004 (Fed. Cir. 2004). See, e.g., Bell Atl. Network Servs., Inc. , 262 F.3d 
at 1 268 ("[A] claim term may be clearly redefined without an explicit statement 
of redefinition. . . . [T]he specification may define claim terms 'by implication' 
such that the meaning may be 'found in or ascertained by a reading of the 
patent documents. (citation omitted)). 

All of the terms used in the present specification and claims are either implicitly well- 
known in the art or of a functional nature that is well within the understanding of persons of 
ordinary skill given the context in which the terms are used, i.e., the meaning is readily 
ascertained upon a reasonable reading of the present patent specification. 

Although the Action presents an assertion of a lack of clarity, there is no assertion that 
a person of ordinary skill would, after reasonably considering the present specification, find 
the terms unreasonably unclear. However, for purposes of advancing prosecution of the 
present application, Applicants' Attorney will attempt to respond as best as possible answer 
the Examiner's concerns. 

Relative to paragraph 10 of the Action referring to Claim 4, a question is raised as 
to how "state-data" is obtained. The present invention plainly describes the preferred use 
of the TCP/IP protocol. That protocol is well-known as a state-full protocol, with data 
representing state being transferred in the packet headers. A person of ordinary skill in the 
art would therefore plainly understand the meaning of Claim 4, particularly as it states that 
the data packets are "inspected" to obtain the state-data. Thus, for any protocol that 
provides state information as part of the data packet or at equivalent locations, that 
information would be readily understood by a person of ordinary skill in the art to be "state- 
data". 
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Relative to paragraph 1 2 and 1 3 of the Action, nothing in 35 U.S.C. §112 requires 
there to be an identity between claim terms and terms in the specification, particularly given 
that the claims themselves are also a part of the specification. Furthermore, there is no legal 
requirement that the claims be so definite as to define just a single embodiment. Instead, 
the well-settled legal standard is as follows: 

The teachings of the specification must be sufficient to enable one of skill in 
the art to reasonably establish what may be construed as being within the 
metes and bounds of the word of degree. A claim is not definite under 35 
U.S.C. §112 if one of ordinary skill in the art would not be apprized as to the 
claimed invention's scope when the claims are read in light of the 
specification. See Ex parte Oetiker, 23 USPQ2d 1641 . (Bd. Pat. App. & Inter. 
1992); Shatterproof Glass Corp. v. Libbey-Owens Ford Co. . 758 F.2d 613, 
624, 225 U.S.P.Q. 634, 641 (Fed. Cir. 1985); Hybritech Inc. v. Monoclonal 
Antibodies. Inc. . 802 F.2d 1367, 231 U.S.P.Q. 81 (Fed. Cir. 1986). 

To support a definiteness rejection under 35 U.S.C. §1 1 2, the Action must therefore 
present a credible explanation of why a person of ordinary skill in the art would not 
reasonably understand the terms of a claim when the claims are read in light of the 
specification. 

Thus, the examiner's question of whether the "state-data" of the "shared state-data" 
is specifically and exclusively defined as "session data, the state of a network or a particular 
processor that processes data, ..." is fundamentally and legally misplaced. The claim defines 
the term "state-data" in the context of the claim, which further corresponds well within the 
understanding of persons of ordinary skill in the art to the description of the invention as 
presented in the specification. 

Thus, if a person of ordinary skill in the art reasonably understands what is 
encompassed by the claim term "state-data" based on a reasonable reading of the 
specification, the term is definite as far as 35 U.S.C. §1 12 is concerned. 

Claim 5 introduces a store that allows "state-data" to be shared among the said array 
of media access processors. The "state-data" is specified by the claim to be "reflective of g 
t he dy namic state of said first network media access connection." As discussed above, state- 
data is the data that reflects the state of a network connection, as would be well understood 
by a person of ordinary skill in the art based on a reasonable reading of the present 
specification. Specifically, at H84, the present specification identifies the preferred operation 
of the crypto processors to update and, further, query the control processor 84 for shared 
data held in the memory 88. Figure 4, and the related text of the specification, provides a 
very clear description of the information held for shared use. 
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Although the description might not be as concise and convenient as the examiner or 
others might desire, there can be no reasonable assertion that a person of ordinary skill in 
the art, on reading the present specification, particularly in regards to Figure 4 and 6, would 
fail to understand what is encompassed by the "shared state-data" term as used in the Claim 
5. While it is certain that some interpretation is required, it is even more certain that no 
degree of specificity in the claims or specification would ever entirely remove the need for 
interpretation. But, such absolute specificity is not required by 35 U.S.C. §112. As 
established above, the well-established law does not require absolute specificity; the law only 
requires reasonableness to the level of understanding of one of ordinary skill. The present 
specification and claims clearly meet the applicable legal standard in regard to the "state- 
data" and "shared state-data" terms. 

Regarding the term "a transaction protocol state-machine," there can be no 
reasonable assertion that this term would not also be well understood by persons of ordinary 
skill in the art. The term "a transaction protocol state-machine" is evidently questioned in 
connection with Claim 2. There are, however, at least eight full figures and a substantial 
portion of the written specification used to teach the details of the transaction state machine 
embodiments preferred in the implementation of the present invention. Thus, there can be 
no credible assertion that the specification does not define "a transaction protocol state- 
machine" in the manner and to the standard legally required by 35 U.S.C. §1 12. 

The examiner also, in effect, points to the claimed use of the term "terminate" in 
relation to network connections as being unclear. The use of "terminate" is, however, is an 
old, standard, and well-known term in the art of network communications. In derivation, it 
is the punch-down of a wire on a termination block. In modern usage, it is the logical 
equivalent for a communications connection. In the simplest of definitions, it is the target or 
end-point of a connection. There can be no reasonable contention that the term is not well- 
known or that, in the context of the present claims, its meaning is not immediately and 
clearly understood by one of ordinary skill in the art to which the present invention most 
closely pertains. 

Regarding paragraph 14 of the Action, Claim 8 has been amended to recite "said" 
second network data packets. 

Regarding paragraph 15 of the Action, the phrase "network data packets that 
encapsulate data storage packets," as used in Claim 22 and its dependents, is more than 
sufficiently definite to meet the standard legally required by 35 U.S.C. §1 12 as explained 
above. 

In regard to the comments presented in this paragraph, with all due respect, the 
Examiner is reminded that the definiteness requirement under 35 U.S.C. §1 1 2, 112, relative 
to the claims, is not at all the same as the enablement requirement under 35 U.S.C. §1 1 2, 
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HI , applicable to the specification. The purposes served and the legal requirements of these 
two sub-sections are fundamentally different. 

In the present instance, the entire specification provides an enabling description of a 
manner of handling iSCSI data- packets. Persons of ordinary skill in the art readily 
understand that the SCSI protocol, by its specification, is a packetized data storage protocol. 
In turn, the iSCSI protocol, again by its very specification, is a network protocol that packs 
SCSI packets into network packets for transport. Thus, the present specification provides an 
enabling disclosure - specifically iSCSI as the preferred embodiment - of the use of a 
network protocol that provides for "network data packets that encapsulate data storage 
packets". 

The claims are, in turn, adequately definite under 35 U.S.C. §1 1 2, 112, by calling for 
a network protocol that provides for "network data packets that encapsulate data storage 
packets". That is, given the enabling description of using iSCSI in the specification, a person 
of ordinary skill in the art would immediately and clearly, indeed definitely, understand what 
is within the metes and bounds of "network data packets that encapsulate data storage 
packets". Nothing more is required of the claims to be definite under 35 U.S.C. §1 1 2, 112. 

Thus, Claim 22 is properly definite. 

Claims 23 and 29 require "locating within said data storage packet, selectively based 
on said storage command, media-level data." Based on the present specification, a person 
of ordinary skill in the art would readily recognize the data storage packet as corresponding 
to a SCSI packet. The storage command would then correspond to the SCSI command and 
the media-level data within the data storage packet would correspond to the SCSI packet 
payload data. 

Figure 8 and the related portion of the written specification clearly describes a data 
storage packet 156 including a storage command 158 and media-level data 160. The 
specification is clearly enabling and, based on any reasonable reading of the specification, 
the claim phrase "locating within said data storage packet, selectively based on said storage 
command, media-level data" is thereby readily understood by, and therefore definite to, a 
person of ordinary skill in the art. 

Regarding paragraph 16 of the Action, Claims 23, 24, and 29 - 30 are definite in 
view of the present specification. Contrary to the assertion made in the Action, H97 of the 
present specification does not state that encryption processing is performed only dependent 
on the SCSI command. As discussed above, when the full application is considered, 
including in particular 111193 - 96 and HI 05, the preferred embodiments base determination 
of encryption processing, through reference to the access policies, also on the target 
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resource. Consequently, these claims are likewise clear and more than adequately definite 
for purposes of 35 U.S.C. §1 1 2, H2. 

Regarding paragraph 1 6 of the Action, Claim 9 is clear, though the original wording 
is a bit complex. Claim 9 has therefore been amended merely to clarify the wording, without 
change to scope or content. 

Regarding paragraph 17, Claims 9 and 10 have been amended. 

Regarding paragraph 18, Claim 19 has been amended to provide suitable 
antecedent basis for the term "session connection data/ 7 

In view of the forgoing, Applicants respectfully request reconsideration of the rejection 
of Claims 2, 5 - 9, 1 6, 1 9, 23, 24, 29 and 30 under 35 U.S.C. §112. 

Rejections under 35 U.S.C. §102: 

In order to establish a rejection under 35 U.S.C. §102, all elements of a claim must 
be identically found in a prior art reference. See, M.P.E.P. §706.02 (For anticipation under 
35 U.S.C. 102, the reference must teach every aspect of the claimed invention either 
explicitly or impliedly. Any feature not directly taught must be inherently present) (emphasis 
added); M.P.E.P. §2112 (In relying upon the theory of inherency, the Examiner must provide 
a basis in fact and/or technical reasoning to reasonably support the determination that the 
allegedly inherent characteristic necessarily flows from the teachings of the applied prior art. 
Ex parte Levy , 17USPQ2d 1461, 1464 (Bd. Pat. App. & Inter. 1990) (emphasis in original); 
M.P.E.P. §2131. 

The essential nature of anticipatory identity requires that the function of the elements 
and their interconnections not just be colorably similar, but identical in all aspects (Emphasis 
added). See, Richardson v. Suzuki Motor Co. , 868 F.2d 1226, 1236, 9 USPQ2d 1913, 
1920 (Fed. Cir. 1989) (The identical invention must be shown [by the reference] in as 
complete detail as is contained in the ... claim). Clearly, a prior art reference that discloses 
a collection of elements that are assembled differently and that function collectively in a 
different or incomplete way compared to the claimed invention is not an anticipating 
reference. 

Claims 1 through 23 stand rejected as anticipated by Badamo et al (US Pub. No. 
2002/01 84487). Badamo teaches a gateway device that includes an array of service cards 
that include ingress and egress processors. The data flow is strictly controlled, as shown in 
Figure 2, as into one ingress processor and out another egress processor. The ingress and 
egress processors perform IPsec type encapsulation and encryption of the entire data packets 
provided for the purpose of establishing a gateway tunnel between different networks. 
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Relative to independent Claim 1, Badamo does not identically disclose: 



... an array of media access processors including an assigned media access 
processor operative to terminate a first network media access connection 
relative to said first network and provides a second network media access 
connection relative to said second network as a proxy for said first network 
media access connection 

particularly where a "switch provid[es] data paths between said first and second network 
interface processors and said array of media access processors." 

The architectures of the system described in Claim 1 and Badamo are therefore not 
identical . Accordingly, Claim 1 cannot be anticipated under 35 U.S.C. §102 by Badamo. 

Relative to independent Claim 1 1 , Badamo does not disclose: 

... a network interface processor coupleable to a client network and a storage 
network and coupled to said data packet processor to transfer network data 
packets 

that is separate from 

... a data packet processor, including an encryption engine, operative to 
selectively encrypt a media data portion of network data packets provided to 
said data packet processor. 

The architectures of the system described in Claim 1 1 and Badamo are therefore not 
identical . Accordingly, Claim 1 1 cannot be anticipated under 35 U.S.C. §1 02 by Badamo. 

Relative to independent Claim 1 6, Badamo does not disclose: 

a) first network interface processor coupleable to a client network; 

b) second network interface processor coupleable to a data storage 

network; 

c) a plurality of data packet processors coupled to said first and second 

network interface processors 

Rather, Badamo only discloses ingress and egress processors that, at best, separately 
perform encryption. 

The architectures of the system described in Claim 16 and Badamo are therefore not 
identical . Accordingly, Claim 1 6 cannot be anticipated under 35 U.S.C. §1 02 by Badamo. 
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Relative to independent Claim 22, Badamo does not disclose: 

b) first processing a network data packet ... to determine a storage 
command contained within said network storage packet; 

c) second processing said network data packet to determine a storage 
target resource from a data storage packet encapsulated by said network data 
packet; and 

d) filtering, selectively based on a determined correspondence between 
said storage command and said storage target resource , the transport of said 
network data packet from said network connection route (emphasis added) 

Nowhere in Badamo is there any consideration of the actual contents of a data 
packet, let alone the specific consideration of whether the packet contains a storage 
command. Rather, Badamo merely performs IPsec processing of entire data packets without 
any regard to the data contained within. The method implemented by Badamo is therefore 
not identical to that of Claim 22. Accordingly, Claim 22 cannot be anticipated under 35 
U.S.C. §102 by Badamo. 

Applicants respectfully request reconsideration of Claims 1,11,16, and 22, including 
the claims dependent therefrom, as anticipated under 35 U.S.C. §102 by Badamo. 

Reconsideration of the overlapping rejections, also under 35 U.S.C. §102 based on 
Badamo, as presented in the Action at paragraphs 21 and 22 is also requested in view of 
the above arguments. 

Rejections under 35 U.S.C. §103: 

Claims not identically shown by a reference otherwise available under 35 U.S.C. 
§1 02(a), (b), or (e) may be obvious under 35 U.S.C. §103. For purposes of completeness, 
Claims 1 through 22 will also be considered as having been rejected under 35 U.S.C. §103. 

To establish a prima facie case of obviousness, three basic criteria must be met. First, 
there must be some suggestion or motivation, either in the references themselves or in the 
knowledge generally available to one of ordinary skill in the art, to modify the reference or 
to combine reference teachings. Second, there must be a reasonable expectation of success. 
Finally, the prior art reference (or references when combined) must teach or suggest all the 
claim limitations. The teaching or suggestion to make the claimed combination and the 
reasonable expectation of success must both be found in the prior art, not in applicant's 
disclosure. In re Vaeck . 947 F.2d 488, 20 USPQ2d 1438 (Fed. Cir. 1991). See also, 
M.P.E.P. §§2142, 2143. 
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Badamo describes a high-performance gateway system that, in effect, serves to 
connect two networks. From one network, an ingress processor passes network packets to 
an egress processor that, in turn, passes the network packets to the second network. 

Beyond packet transport, Badamo implements an IPsec tunnel capability where the 
data packets may be encrypted or decrypted as needed. The only shared resource between 
the ingress and egress processors is a table of the security authorizations (SA) that may be 
applicable to the data packets transferred through the gateway. 

Finally, Badamo teaches a load-balancing of the gateway processor resources. 
Evidently, an ingress and egress processor pair is implemented on each of a set of system 
cards. Different numbers of the system cards can be allocated for doing ingress processing 
versus egress processing. This suggests that at least half of all of the processors in the 
Badamo system are idle at any given time. 

Badamo is acknowledged in the Action as failing to teach or suggest anything akin 
to a transaction protocol state machine. 

Chui (US Patent 5,931,914) is advanced instead as teaching a transaction protocol 
state machine. Chui does describe a state machine design that, from some given state, 
presents an interesting way of efficiently getting to the next state. Only in the general 
background presented by Chui is there anything potentially specific to a transaction protocol 
state machine. There, Chui merely acknowledges that state machines can be used in 
managing the protocol states of a communications transaction between processors. 

What Badamo and Chui fail to teach or suggest is any way of combining their 
teachings to realize, with specificity, what is claimed. In order to support an obviousness 
rejection the Examiner must present a credible and persuasive reasons why "the skilled 
artisan, with no knowledge of the claimed invention, would have selected these components 
for combination in the manner claimed ,, . In re Kotzab, 217 F.3d 1 365, 1 371 , 55 USPQ2d 
1313, 1317 (Fed. Cir. 2000). 

Furthermore, an examiner has the burden of establishing a prima fade case of 
obviousness by"showing some objective teaching in the prior art or that knowledge generally 
available to one of ordinary skill in the art would lead that individual to combine the relevant 
teachings of the references/ 7 In re Fritch . 972 F.2d 1260, 1265, 23 USPQ2d 1780, 1783 
(Fed. Cir. 1992). The standard by which this burden must be met is well-settled: 

M [T]o support the conclusion that the claimed combination is directed to 
obvious subject matter, either the references must expressly or impliedly 
suggest the claimed combination or the examiner must present a convincing 
line of reasoning as to why the artisan would have found the claimed invention 
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to have been obvious in light of the teachings of the references." In Ex parte 
Clapp , 227 U.S.P.Q. 972, 973 (Patent Board of Appeals, 1985). 



In the present instance, the Action and both references are entirely silent in describing 
how the Chui state machine could be combined with Badamo to realize all of the limitations 
of any claim. Both references are entirely silent even as to what modifications should be 
made or functions improved by including Chui in Badamo. 

A conclusory statement that "it would have been obvious" followed by a bare 
recitation of a couple of features of a claim, as presented in the present Action, is 
unquestionably inadequate to establish a prima facie case of obviousness. The present 
Action is as silent as the art in explaining the actual modifications needed to implement a 
state machine such as shown in Chui to obtain the specific result of meeting each and every 
limitation of the rejected claims. 

In fact, there is no reason of record to believe that a person of ordinary skill in the art 
would have even thought of combining Chui and Badamo, let alone be further motivated 
to make the unspecified modifications necessary to realize the specific structure of any of the 
claims. 

The only explanation of record of any motivation to combine is the vague conclusory 
statement that the combination would have been motivated to make "communication more 
efficient." While true of virtually every system in the abstract manner presented, the assertion 
actually provide no explanation of why a person of ordinary skill would have thought to 
combine these two specific references or to make any of the further modifications inherently 
required to realize any of the present claims. 

Consequently, the cited art is not even combinable. In any event, no valid pnma facie 
case of obviousness has been made against claims 1-21. For this reason alone, the 
rejection of Claims 1-21 under 35 U.S.C. §103 cannot be maintained. 

Even if the references could be combined and the absence of a prima facie case of 
obviousness ignored, as detailed below in regard the pending claims, the art does not in fact 
teach or suggest the present invention as claimed. 

Claim 1 : 

Claim 1 calls for: 

a) a first network interface processor ... 

b) a second network interface processor ... 

c) an array of media access processors and 
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d) a switch providing data paths between said first and second network 
interface processors .... 

The first and second network interface processors are separate from the array of 
media access processors. Nothing in the cited reference teaches or suggests this 
architectural configuration. There is no known reason, and certainly none of record, why a 
person of ordinary skill in the art would even begin to think of the kind of fundamental 
changes to Badamo that would be needed to realize this architecture. 

Rather, the structure of Claim 1 is designed to implement a function that is not 
considered by any of the cited references. That is, Claim 1 provides for the capacity to load 
balance the performance of a data intensive function without compromising the function of 
the ingress and egress processors. Contrary to Badamo, which is restricted to shifting the 
proportional performance of ingress and egress functions to balance load, the presently 
claimed invention balances load by rerouting the load among the array of media access 
processors. With the claimed structure, no ingress or egress processors need be taken out 
of their respective roles at any time. 

Furthermore, the claimed architecture is far easier to scale. With Badamo, complete 
ingress and egress pairs must be added or removed, potentially with impact on the network 
connectivity. With the architecture presented in Claim 1 , however, the array of media access 
processors scales effectively without impact on the network interface processors or their 
network connectivity. 

Since the prior art does not teach or suggest the literally claimed structure, Claim 1 
and its dependents are not obvious under 35 U.S.C. §103. 

Claim 1 1 : 

Claim 1 1 provides for a "secure storage access portal provided in a network between 
client systems and network attached data storage" including: 

a data packet processor, including an encryption engine, operative to 
selectively encrypt a media data portion of network data packets 
provided to said data packet processor (emphasis added). 

Badamo nowhere teaches or suggests the selective encryption a specific portion of 
a data packet - specifically a "media data" portion. Badamo only teaches IPsec encryption, 
which encrypts only entire data packets. Badamo does not teach or suggest any reason to 
even consider encrypting anything less than an entire data packet. 
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Conversely, the claim is specific to encrypting the media data portion, which is 
described in the present specification as that portion of the data packet payload that is 
transferred to or from a persistent media. To be certain, the specification defines this data 
as "media-level data' 7 (1154). To ensure clarity, Claim 1 1 has been amended to specify: 

wherein said data media portion is media-level data provided 
for storage on a storage device coupled to said storage 
network . 

Claim 1 1 and its dependents are therefore not obvious under 35 U.S.C. §103 in view 
of the cited references. 

Independent Claim 16 includes the limitation: 

... wherein each said data packet processor includes an 
encryption engine operative to selectively encrypt media-level 
data contained within data transfer requests and responses as 
transported from said client network connections to said storage 
network connections 

Claim 16 and it dependents, are not obvious under 35 U.S.C. §103 for the same 
reasons given in regard to Claim 1 1 . 

Claim 22: 

Claim 22 specifically calls for a method of transporting "network data packets that 
encapsulate data storage packets, wherein data storage packets include storage 
commands", where the method includes the specific steps of: 

a) establishing a network connection route for network data 
packets provided from a first network through a network data packet 
processor to a second network; 

b) first processing a network data packet provided through said 
network connection route to determine a storage command contained 
within said network storage packet; 

c) second processing said network data packet to determine a 
storage target resource from a data storage packet encapsulated by 
said network data packet; and 

d) filtering, selectively based on a determined correspondence 
between said storage command and said storage target resource, the 
transport of said network data packet from said network connection 
route. 
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Claim 22 explicitly requires "second processing" that is conditioned on an analysis 
of the specialized content of a packet to observe the "storage target resource" identified 
within. 

Clearly, Badamo does not consider the content of the packets, let alone teach or 
suggest this specialized packet processing. The IPsec processing, which is all that is of 
concern to Badamo, is applied to complete packets or not regardless of content. The Chui 
reference adds nothing of relevance to the teachings or suggestions of Badamo. 

Claim 22 and its dependents are therefor not obvious under 35 U.S.C. §103 in view 
of Badamo and Chui. 

Finally, Claims 22-31 stand rejected under 35 U.S.C. §103 in view of the Clark 
article, IP SANs: A Guide to iSCSI, iFCP, and FCIP Protocols for Storage Area Networks. 

The application of the Clark article to Claim 22 seems to be based on a fundamental 
misapprehension of the limitations actually present in Claim 22. In summary, Claim 22 
requires a processing of a network packet to selectively modify the data content contained 
within a specific portion of the network packet as the packet is in route between a first 
network and a second network. 

Clark, in clear contrast, only functionally considers a SCSI packet once the network 
packet envelope has been completely stripped and discarded. Even then, the processing 
contemplated by Clark is just the execution of the embedded SCSI command in persistently 
storing the SCSI content. 

Claim 22 requires in-route processing given step (a) requires that a "route" be 
established between two networks and step (b) requires processing of the "network data 
packet," which is defined in the preamble as encapsulating a "data storage packet," as the 
network data packet is routed between the two networks . 

Step (b) also requires determining a "storage command" contained within the network 
storage packet, and step (c) requires determining a "storage target resource" explicitly from 
"a data storage packet encapsulated by said network data packet." Finally, step (d) requires 
a "filtering" of, the "routing" of the network data packet based on "a determined 
correspondence between said storage command and said storage target resource." 

Claim 22 is thus limited to selectively processing network data packets in route , based 
on an inspection of the contained "storage commands" and "storage target resources". 

Conversely, Clark teaches execution of a SCSI command to persistently store SCSI 
data only after an iSCSI network data packet has been delivered and discarded. Nothing 
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in Clark suggests any consideration of "storage commands" and "storage target resources" 
in-route. Nowhere does Clark even consider any routing topology between two networks; 
Clark only considers the conventional case of a transmitting an iSCSI data packet over a 
network to a network attached storage device, extracting the SCSI packet while discarding 
the iSCSI packet, and actually executing the SCSI command to persistently store content. The 
only route taught by Clark dead-ends on a disk. To be certain, Clark does not teach or 
suggest any routing of data packets between two networks selectively based on the 
encapsulated SCSI command and target resource. 

The Figures 4-4 and 4-5 and related text in Clark, as pointed to in the Action to 
support the rejection, are exclusively limited to the processing of a SCSI packet after it has 
been delivered to a network attached storage device. The processing described is clearly 
and exclusively directed to the actual execution of the SCSI command to actually persist data 
to a storage media. 

The assertions of "official notice" presented in the Action are improper. See Lee, 277 
F.3d at 1344-45, 61 USPQ2d at 1434-35 (Fed. Cir. 2002); Zurko, 258 F.3d at 1386, 59 
USPQ2d at 1697 (holding that general conclusions concerning what is "basic knowledge" 
or "common sense" to one of ordinary skill in the art without specific factual findings and 
some concrete evidence in the record to support these findings will not support an 
obviousness rejection). 

Even if not considered improper, what is claimed under "official notice" still 
fundamentally fails to provide a substantive teaching relevant to the present claims. The 
mere fact that encryption and routing are known in general does not demonstrate the very 
particular selection of the data to be encrypted or the particular relationship of the routed 
data packets and the claimed step of processing the data packets. Thus, the present claims 
present very specific steps and relations that are not "capable of instant and unquestionable 
demonstration" based merely on the officially noticed knowledge of encryption and routing. 

Since Claim 22 presents clear limitations not taught or suggested by the cited 
reference, Claim 22 and its dependents are not obvious under 35 U.S.C. §103. 

Reconsideration of the rejections of Claims 1-31 is therefore respectfully requested. 
Conclusion: 

In view of the above Amendments and Remarks, Applicants respectfully assert that 
Claims 1-31 are now properly in condition for allowance. The Examiner is respectfully 
requested to take action consistent therewith and pass this application on to issuance. The 
Examiner is respectfully requested to contact the Applicants' Attorney, at the telephone 
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number provided below, in regard to any matter that the Examiner may identify that might 
be resolved through a teleconference with the Examiner. 



Date: //I 



t 



Respectfully submitted, 



Bv: J^^Q^^> 
Gerald B. Rosenberg 
Reg. No. 30,320 




NewTechUw 

285 Hamilton Avenue, Suite 520 
Palo Alto, California 94301 
Telephone: 650.325.2100 
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C.) Amendments to the Drawings 

Drawing Figure _4_ has been amended to correct the position of the arrow pointer 
referencing element 74. A replacement page and an annotated page showing the change 
are attached. 
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